The ongoing theme in industrial cybersecurity centers on two competing dynamics – the desire to expand our implementation of automation and Industry 4.0 technologies with the goal of using more and faster connections, along with the decision-making data each generates to improve the efficiency and quality of production.

However, these goals now need to be counter-balanced against the heightened risks that all these connections spawn, and the doors they can open for hackers looking to shut down, extort or steal data from manufacturers. 

In this episode, Joe Saunders, the CEO and Founder of RunSafe Security, offers his take on securing these connections and data, as well:

• The on-going challenges associated with memory-based vulnerabilities.
• Tactics for supporting legacy OT code and minimizing the potential disruptions that can accompany software upgrades.
• Addressing vulnerabilities at a "class" level, instead of the one-at-a-time "whack-a-mole" approach.
• Embracing CISA's secure-by-demand edicts.
• The balancing act of more connections without lowering the security posture.
• Warnings about China and other state-sponsored threat actors.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

We’re back to discuss an all-too-familiar topic – ransomware.

Ironically enough, it seems the topics we describe in this manner become so familiar because we can’t figure out viable, long-term solutions. I think part of the challenge for industrial organizations dealing with ransomware is that we have to divide our energy and resources between prevention, detection and response. Any one of those is a challenge, but managing all three is daunting, and hackers know this. But so do the good guys - one of which is our guest for today’s episode. 

Listen as Jeff Krull, principal and leader of Baker Tilly’s cybersecurity practice discusses their Guide to Ransomware Prevention, as well as his thoughts on:

• The C-suite's growing appreciation of how cyberattacks are impacting profitability, which means cybersecurity has become more than just an IT issue.
• How more resources have made RaaS groups increasingly difficult to detect and stop.
• Paying vs. not paying the ransom.
• Why more cyber regulation is on the way.
• Manufacturing's lack of redundant assets is making it a more attractive target, but also fueling action around response and recovery plans.
• Why not everyone needs access to everything.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

When looking at industrial cybersecurity, more attention is being paid to how workers are logging in to access critical machinery, software or data. And according to Trustwave Threat Intelligence’s recent Manufacturing Threat Landscape report, 45 percent of attacks experienced by manufacturers stemmed from the bad guys accessing credentials.

Whether by utilizing brute-force tactics, submitting fake support tickets, or purchasing logins on the Dark Web, this seems to prove that hackers would much rather log in than break in. 

The report also cited the rise of Initial Access Brokers, or groups that focus specifically on obtaining and selling log-in data to other hackers. One example cited by Trustwave saw an IAB offering access to a leading steel manufacturer for just over $60,000. Unfortunately, this is not a unique circumstance, which is why we're talking to David Cottingham, president of rf IDEAS to weigh in on the ongoing challenges surrounding secure access throughout the OT environment.

Listen as we discuss:

• The importance of simplifying security processes to keep people engaged with them.
• Why no manufacturer is too small to be a target for credential-based attacks.
• Overcoming the bad behaviors that can result from operations personnel dealing with over 25 passwords.
• Avoiding punitive actions surrounding people-based security vulnerabilities.
• Why dual factor authentication strategies are key to ongoing security developments. 
• Best practices for mobile device use.
• How VPNs, firewalls and password wallets are simultaneously solutions and vulnerabilities.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

You’ve probably heard a number of reports citing ransomware as the leading attack strategy within the industrial sector. In some instances, it’s been reported that ransomware groups are focusing as much as 70 percent of their activity on manufacturing enterprises. 

In one report from ICS security specialist Dragos, it was reported that 65 percent of all attacks thrown at the industrial sector were of the ransomware variety. And according to this episode's guest, cybersecurity attacks like these are never a one-and-done occurrence, meaning on-going vigilance against ransomware criminals and the like require on-going security diligence. 

Greg Scasny is the CTO of Blueshift Cybersecurity, a provider of security solutions focused on helping small and medium-sized enterprises develop and maintain a security posture that simultaneously defends against attacks while working to preserve ongoing operations.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. 

Just as you continue to develop new strategies to respond to hacks and protect you digital presence, these bad actors are continuing to update and enhance their schemes in order to improve the success rate of their attacks. 

In an effort to help counter these bad actors and stay a step ahead, NETSCOUT Systems recently unveiled their bi-annual Threat Intelligence Report. It offers insight on the continued threats presented by Distributed Denial of Service and ransomware attacks. 

To help walk us through the report and offer additional insight on some of the new tactics being utilized to carry out these legacy cybersecurity attacks is NETSCOUT’s Threat Intelligence Lead, Richard Hummel.

For more information on the work NETSCOUT does, you can go to netscout.com. And to get a look at their recent report, you can go to https://www.netscout.com/threatreport

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The industrial sector knows all too well about the need to innovate product offerings and production strategies in order to stay ahead of the competition. Unfortunately, the same can be said for cyber criminals looking to either steal information or hold your data, manufacturing capabilities, or intellectual property for ransom. 

Just as you continue to develop new strategies to respond to hacks and protect you digital presence, these bad actors are continuing to update and enhance their schemes in order to improve the success rate of their attacks. 

In an effort to help counter these bad actors and stay a step ahead, NETSCOUT Systems recently unveiled their bi-annual Threat Intelligence Report. It offers insight on the continued threats presented by Distributed Denial of Service and ransomware attacks. 

To help walk us through the report and offer additional insight on some of the new tactics being utilized to carry out these legacy cybersecurity attacks is NETSCOUT’s Threat Intelligence Lead, Richard Hummel.

For more information on the work NETSCOUT does, you can go to netscout.com. And to get a look at their recent report, you can go to https://www.netscout.com/threatreport

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

While rogue individuals with an agenda and advanced cybersecurity skills are still prevalent, most headline-grabbing hacks are now originating from well-organized, highly talented groups or organizations. Not only does this dynamic provide access to a greater pool of talent, but it makes stopping a multi-faceted attack more difficult.

One of the most notorious of these cyber terrorist groups is BlackByte. The Ransomware-as-a-service group recently made headlines by hacking the National Football League’s San Francisco 49ers right before the league’s biggest weekend – the most recent Super Bowl.

The group was able to exploit a vulnerability in the team’s Microsoft Exchange server and implement a tool called Cobalt Strike. Users were then sent hourly ransom notes via a print bomb to all printers connected to the infected machine. 

While the 49ers have downplayed the impact of the hack, it did result in the release of financial documents that BlackByte posted to a site on the dark web. No ransom demands were made public, but the amount of data actually stolen remains unknown.

The growing reach, ability and boldness of these groups should give everyone in the industrial sector pause – regardless of your role or job title. If they can access data from a billion-dollar franchise, your IP and financial data is, at least, just as vulnerable.

The good news is that we have people like Lauren Podber, Principal Intelligence Analyst at Red Canary, to help guide us in getting ahead of groups like BlackByte. Lauren and her cohorts at Red Canary specialize in managing cybersecurity endpoint detection, planning and response. She recently sat down to discuss BlackByte, the importance of having a response plan at the ready, and what hacks to look out for over the next 12-18 months.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Regardless of the report, survey or research, all data related to industrial cybersecurity makes one thing very clear – the last two years have presented a dangerous uptick in the number of cybersecurity attacks, and the severity of them.

So, if knowing is half the battle, the other half is identifying tools to help accomplish the mission. With this in mind, we welcome David Nosibor, Platform Solutions Leads at UL – the well-known leader in global safety certification.

Presented with the frightening increase in the number of cyberattacks, the organization recently launched the SafeCyber platform to help organizations improve the cybersecurity of connected products throughout the entire lifecycle. This includes identifying current and future vulnerabilities and providing guidance to some of the obstacles currently preventing these issues from being addressed.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Whether it's the infamous Colonial Pipeline ransomware attack last summer, or an ongoing number of water treatment facility hacks, there’s no doubt that infrastructure facilities have become a favorite target of cyber criminals.

In fact, according to a recent report from Skybox Security, the first half of 2021 saw a 46% year-over-year increase in new OT vulnerabilities within organizations charged with running and maintaining key portions of the U.S.'s infrastructure.   

In this episode of Security Breach, Alastair Williams, vice president of worldwide systems engineering at Skybox Security,  joins us to help break down some of the social and market factors driving these troubling cybersecurity dynamics. We also discuss ransomware attacks, Log4J challenges, and what he sees as the biggest cybersecurity trends to consider for 2022.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.

I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streaming subscription service devoted to providing comprehensive cybersecurity training.

What follows is the second of two episodes featuring JohnE. Here he talks about some of steps companies can take in guarding against any number of cyberattacks.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

If there’s one thing that has become very apparent in dealing with cybersecurity issues throughout the industrial sector, it’s that responding to these challenges means taking a look at things from a different perspective.

Well, that’s what we have with this episode. I recently sat down with Johnny Young, a 35-year veteran of industrial IT and cybersecurity. He’s embraced his role as JohnE Upgrade and launched CyberD.TV - a streaming subscription service devoted to providing comprehensive cybersecurity training.

What follows is the first of two episodes featuring JohnE. Here he talks about some of the basic, yet vitally important measures every employee can take in guarding against any number of cyberattacks.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

In this episode we welcome Theo Zafirakos, the Chief Information Security Officer at Terranova Security, to discuss is company's recently report indicating that the success of phishing schemes continues to escalate. Their findings include data showing that:

• Nearly one in every five end users (19.8 percent) who received a phishing simulation email clicked on the initial message’s phishing link. 
• 14.4 percent of all end users failed to recognize the simulation’s resulting webpage as unsafe,  and clicked on the malicious file’s download link.
• This means that the number of initial clickers who ended up downloading the phishing simulation’s webpage file exceeded 70 percent. 

The growing number of remote workers, combined with the amount of personal and enterprise-level data that can be obtained makes the industrial sector an increasingly appealing target. 

Going forward, the security firm feels that the industrial sector will need to do more to increase worker awareness of these attacks in understanding how to respond, or more importantly, how not to react to the messages these attackers use.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

In this episode of Security Breach, we're joined by Thierry Aubry, a Sales Executive at Open Systems. 

Open Systems recently offered a look inside a phishing scheme and potential malware attack experienced by one of their customers. While this global manufacturer of home and commercial appliances will remain anonymous, Thierry will walk us through how the attack was instigated, how Open Systems was able to respond, and what steps you can take to avoid and respond to potential attacks against your systems and proprietary data.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

As we’ve discussed numerous times on Security Breach, terms like change, evolution and constant are more than just buzz terms – they’re a simple reality of working in the industrial OT space.

Whether we’re discussing threat actors from Stuxnet to Lockbit, tactics from social engineering to double-extortion ransomware, or vulnerability sources ranging from weak passwords to embedded secure-by design concerns, the ever-expanding attack surface is a constant reminder of change and the evolving nature of threats. 

In this episode we talk to Michael Haase, and draw on his extensive background and personal experiences as we discuss:

• The on-going balancing act between cost and security priorities.
• Why he considers the need for phishing training, "a massive failure on the part of the technical community."
• How AI is laying the groundwork for attacks that haven't happened yet.
• Why the growing complexity of hackers is actually a positive indicator.
• Automation is the inflection point for cybersecurity - for both sides.
• The shift from worrying about the ability to detect new attacks to focusing on the vulnerabilities being exploited.
• The distinction between learning what needs to be done and actually taking action.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

In this episode of Security Breach, we're joined by Brian Vecci, the Field CTO of Varonis,  - a leading provider of cyber threat detection and response compliance software.

Varonis recently published their 2021 Manufacturing Data Risk Report, which offered analysis on threats, trends and potential solutions for a number of market sectors – including manufacturing. Included in their findings was that manufacturing was the fifth most targeted industry last year, with the average data breach costing nearly $5M, and taking over seven months to contain.

Overall, Varonis feels the industrial sector’s level of cybersecurity sophistication lags behind many of its peers in the financial and healthcare sectors. We recently sat down to discuss the report, understanding your cybersecurity blast radius, data as a production asset, password protections, and more.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

In addition to supply chain challenges and labor shortages, one of the biggest issues emerging from the COVID-19 pandemic for the industrial sector has been the huge uptick in cyberattacks.

To make things worse, the Center for Strategic and International Studies, after studying cyberattack trends since 2006, says there is a clear pattern wherein these attacks will increase during the month of October, with five offending countries or entities responsible for the majority of the incidents. 

Based upon analysis, it is predicted that cyberattacks originating in Russia, China, North Korea and Iran will increase this month.

Joining for the first in a series of episodes discussing new and prevailing cybersecurity challenges confronting the U.S. industrial sector is Adam Kohnke from Madison, WI-based Infosec Institute - a leading cybersecurity training and education firm.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Over the last nearly 100 episodes of Security Breach we’ve discussed a wide range of strategies for protecting the manufacturing enterprise. But perhaps the most polarizing of these has been Zero Trust. While some unwaveringly champion the cause of this approach, others question the ways in which it is typically deployed.

Perhaps this dichotomy is best represented in Palo Alto and ABI Research’s The State of OT Security report. It found that 93 percent of those surveyed were familiar with Zero Trust, and 87 percent found the approach to be the right fit for protecting OT environments. However, half of those participating in the research also stated that there are practical blockers that prohibit implementation. 

In the end, like most things in the cybersecurity world, the answer lies in striking a balance between restricting access and implementing safeguards against time-consuming processes. In this episode I talk to Roman Arutyunov, Co-founder and SVP of product at Xage Security, about zero trust and a number of other topics, including:

• How cybersecurity needs to be viewed as both a productivity and protection tool.
• Overcoming the "it won't happen to me" mindset.
• The sector's over-reliance on VPNs and firewalls.
• Why manufacturing is missing regulatory guidance, and why that will change in the short-term.
• Improving responses to attacks, including ransomware..
• How AI can play a key role in shrinking the attack surface.
• Avoiding tool implementations that can be an "inverse pyramid of pain."

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

One of the more common obstacles that we discuss here on Security Breach is how increased connectivity has combined with new Industry 4.0 technologies to constantly expand the OT attack surface. In the midst of all this expansion, it’s easy to either overlook cybersecurity concerns, or put too much trust in the embedded security features of the new assets. 

So, while this usually brings up conversations about endpoint security, integration processes and secure-by-design protocols, let’s talk about something that our guest for today’s episode knows and understands all too well … time. 

Industry experts value downtime on the plant floor at about $250k/hour. So, just like predictive maintenance has become part of a facility’s new normal, predictive cybersecurity needs to receive the same priority.

Here to discuss this concept is Riley Groves, an engineer at Auvesy-MDT, a leading providing of ICS and automation solutions. Listen as we also discuss:

• The improving convergence of IT and OT on the plant floor.
• Getting ahead of vulnerabilities.
• The factors driving greater buy-in from the C-suite on cybersecurity investments.
• Why cybersecurity is the Special Teams of the industrial enterprise.
• How legacy systems are providing "function by disfunction" from a security perspective.
• The better ways to use AI.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Those of you with a military or law enforcement connection are probably, and unfortunately, familiar with the term collateral damage. While this phrase has a legacy in these environments, it’s also become an unwelcome addition to the realm of cybersecurity.

Examples of this dynamic can be found in a number of hacktivist attacks that targeted infrastructure in a certain region, but either through unrealized connections or other bad actors simply following the blueprint, impacted facilities across the globe.  

Jason Oberg, the CTO of Cycuity, a leading provider of vulnerability mitigation solutions for semiconductor manufacturers, recently joined us to discuss some of the potential fallout from hacks, and how to prevent or respond to them in minimizing the collateral damage. We also talked about:

• How hackers are getting smarter in their hacks against chip makers.
• Why awareness of hacker tactics is not enough, and how manufacturers of all types can enhance their knowledge level pertaining to the growing sophistication of hackers and attacks.
• Addressing the baked-in compromises of hardware products, and the long-term impacts on all users and industries.
• Focusing on the inherent vulnerabilities of production processes, not just the associated technology.
• Balancing the goals of "getting product out the door" with embedding greater levels of security.
• How greater transparency can help with secure-by-design challenges.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Viewing hacks as diseases to address evolving threats, vulnerabilities and tools like AI.

Like many of you, I recently dove into Verizon’s 2024 Data Breach Investigations Report (DBIR).  And while there’s a plethora of data housed in the report that could fuel conversations on a multitude of topics, I chose the following two pieces of information:

• While credential harvesting and phishing attacks still led the way, the use of exploitable vulnerabilities to access networks tripled from last year, and were primarily leveraged by Ransomware and other Extortion-related threat actors.
• The reported median time to click on a malicious link after an email is opened is 21 seconds, and then only another 28 seconds for the person caught in the phishing scheme to enter their data. So, basically, a successful phishing attack can be executed in less than 60 seconds. 

These two items caught my eye because they seem like the low-hanging fruit when it comes to cybersecurity. In this episode, Roland Cozzolino, CTO/CIO of InsightCyber, a global provider of asset visibility, risk management and security services delivered via an AI-driven platform, offers his perspective on these types of exploits, as well as:

• Why state-sponsored hacker groups are his biggest concern.
• The problems caused by patient hackers and their live-off-the-land, or dwelling approach to network intrusions.
• How manufacturers can and need to improve their use of AI tools for enhancing visibility, asset management and threat detection.
• The advantages of designing OT security processes as though you're working in a disease-driven environment.
• Viewing cybersecurity as less about saving money and more about not losing control of an operation.
• Developing a strategy that goes beyond just "unplugging the machine".

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

It starts with a dedication to enhanced visibility.

One of the big conversations regarding OT security revolves around the use of tools. Some have too many, others not enough and everyone is searching for the funds to mange and obtain the right ones for a constantly evolving threat landscape.

The key to understanding which tools are right for you and your organization not only demands a comprehensive understanding of your OT environment’s assets, APIs and connections, but a working situational awareness. Here to discuss some of these topics, and more, is Sharon Brizinov, Director of Research at Claroty’s research arm, Team82.

Claroty is a leading provider of ICS and OT security, with partners that include Rockwell, Schneider Electric and Siemens. Watch/listen as we discuss:

• How creating patching windows can help address vulnerabilities more quickly.
• How tools can help manage the proliferation of connected devices.
• Why OT will benefit from IT's lessons-learned.
• Creating a defense against your daughter's iPad.
• Why manufacturers have to do a better job of knowing what they're defending against.
• The non-complicated, but terrifying strategies of hacktivists and state-sponsored attack groups. (Click here to view the report discussed in this episode breaking down a recent hack on Russian manufacturing.)
• The evolution of component-level connectivity, and what that will mean for industrial cybersecurity.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Many attacks on manufacturers are just the first step in going after even bigger targets.

One of the inescapable truths about the industrial sector is that it is usually the ultimate proving ground for product performance. When we look at some of the technologies that have created seismic social shifts, tools like operational software, wireless connectivity and numerous monitoring devices were not ready for the demanding industrial environment right away.

When it comes to cybersecurity, that dynamic has done a 180. Hackers initially went after healthcare and financial institutions because they were seen as easy targets with deep pockets that would pay to make the problem go away as quickly as possible. 

Then 2020 came and put many industries on pause – except for manufacturing. Like moths to a flame, the hackers were drawn to OT networks and found not only a vulnerable target, but a lucrative one. We tackle these issues and many others in this episode with Sam Moyer, MxD’s Lead Cybersecurity Engineer. Some of the topics we discuss include:

• The lingering (live-off-the-land) nature of many state-sponsored or hacktivist group attacks.
• Finding the right ways to prioritize cybersecurity in manufacturing, and how the industry works "in it's own time."
• The disruptive or competitive push that manufacturing is missing.
• AI, and the potential traps to avoid in eliminating too much human knowledge.
• Why manufacturers are a target because of who they work with on a regular basis.
• Improvements in landscape visibility.
• The rise in frequency of manufactures paying ransomware demands.
• Navigating the regulatory landscape, and learning from past mistakes.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

In this episode, we dive into some of the most notorious attacks to hit manufacturing over the last six months.

In addition to speaking with cybersecurity experts from around the world for this podcast, I’ve also been able to do a fair amount of reporting on our websites regarding several high-profile industrial attacks. So, I felt like it could be interesting to present some of these articles via the Security Breach podcast in helping further the conversation around tactics and lessons learned.

So sit back and watch or listen as I dive into some of the most notorious attacks to hit the industrial community over the last six months.

• The first hack I’d like to cover is one that we’ve referenced several times here on the podcast – the  Cyber Av3ngers Unitronics PLC hack.
• The second attack I'm going to discuss involves a large player that those involved with industrial networking will immediately recognize – the Dark Angels penetration of Johnson Controls. This hack serves as a strong example of how a growing number of OT attacks can originate within IT systems or assets.
• We'll also take a look at another familiar company within the ICS community, and how they responded to a double-extortion ransomware attack from the Cactus RaaS group.
• Finally, we take a deep dive into another Dark Angels attack. This time the victim was Nexperia, a leading manufacturer of silicon-based processors based in The Netherlands, and a subsidiary of China-based Wingtech Technology.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

A look back at Security Breach guest's most accurate and timely industrial cybersecurity predictions.

As we near our 100th episode of Security Beach, I thought it would be a good time to take a look back at some of our guest’s predictions from the previous 12 months. 

If you want to check out the full episodes from any of these previous guests, you can find them in the show archives, or by clicking through to our website. So, join me as we take a look back at a collection of predictions from:

• Pete Lund at OPSWAT
• John Dwyer from IBM
• Siemens’ Kimberly Cornwell
• Moty Kanias from Nanolock
• NovaCoast’s Elise Manna-Browne
• Brian Haugli from SideChannel
• Huxley Barbee from runZero
• Forescout’s Daniel Trivellato
• Dragos’ Dawn Cappelli
• Impero’s Matthew Wolfe
• KnowBe4’s Erich Kron
• Tony Pietrocola from Agileblue

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

A smarter, well-funded hacker community means embracing basic, yet daunting cyber challenges.

In manufacturing, regardless of your role, avoiding downtime is an obvious priority, and one of the motivating factors driving investments in cybersecurity.

In working to mitigate potential DDoS attacks or malware drops, manufacturers are tapping into more resources in heightening their awareness of vulnerabilities and the associated remedies, which can include updating access protocols, applying patches and replacing old equipment and technology. 

The problem is that the solutions can actually contribute to the problem you were originally trying to avoid – downtime. 

Our guest for today’s episode looks to offer some solutions. Watch/listen as Gabe Dimeglio, VP of Global Security Services at Rimini Street, a leading provider of data security and managed services, offers his take on:

• Patching strategies that minimize downtime.
• Getting employees engaged in cybersecurity strategies.
• Ensuring buy-in from throughout the enterprise when security measures need to be implemented.
• The evolving nature of hacker skills and the volume of attacks they are able to launch.
• How nation states are developing an institutionalized approach to developing new and better-trained hackers.
• Placing a priority on visibility, inventory and segmentation tools.
• Why he's an advocate of better regulatory efforts, not necessarily more of them.
• The under-utilized resources available to constructing response plans.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.

The origins of what we talk about here on Security Breach can go back to any number of transformational events, but the reality is that all of them contributed an individual component to the unique mosaic that is the legacy of industrial cybersecurity. What is most interesting is that the first hacks of industrial control systems occurred at water treatment facilities, oil and gas pipelines and energy plants.

These targets were chosen because they simultaneously provided great visibility, heightened social impact, and, most notably, easily exploitable vulnerabilities. In most cases, these attacks allowed the hackers to accomplish all of their early financial and self-promotional goals, along with longer-term benefits that we’re all dealing with now – how to successfully probe the ICS.

John Cusimano, VP of OT Security at Armexa is our guest for this episode. He's seen hackers apply these lessons learned about the industrial control system first-hand, and has some interesting thoughts on the current threat landscape, as well as solutions for keeping your systems secure. Watch/listen as we discuss:

• How he transitioned from a safety and automation engineer to a career in OT cybersecurity.
• The benefits of failing in a safe manner.
• The new dangers of remote monitoring.
• Ways to implement application safe listing.
• Always being prepared to answer the 'what if?' question.
• Micro-segmentation and DMZ strategies.
• Best practices for patching and avoiding alarm floods.
• Why his biggest concern lies in a large-scale, coordinate attack on the ICS.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How a greater focus on new and legacy OT connections could alter the cybersecurity battlefield.

Everything old … is new again. While that might seem like a natural lead-in for discussing hacker tactics, that same mantra rings true when discussing OT technology. Mordor Intelligence recently reported that U.S. manufacturing spent over $307 billion on digital transformation technologies last year, and nearly every research and consulting outlet around the world is predicting that those numbers will rise in 2024. 

All this new software, connectivity, automation and equipment creates a familiar challenge when it comes to OT cybersecurity. This meshing of the old and new is something our guest for this episode is all too familiar with, and he’s here to break down everything associated with bringing legacy and next-gen together. 

Listen as Josh Williams, Strategic Account Manager at IriusRisk, offers his thoughts on secure-by-design, as well as:

• How the industrial sector gets a C- when it comes to securely integrating new technology into the OT landscape.
• Why the onus for secure-by-design concepts resides with the buyer.
• How monitoring became a critical vulnerability.
• The double-edged sword of connectivity.
• How state-sponsored hackers are a threat to more than just political targets.
• Why industrial OT is the front line in the cyber war.
• Why he doesn't want to be the "old man yelling at the clouds.".
• How supply chains have become manufacturing's biggest cyber concerns.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The good, the bad and the ugly of mobile device security in the expanding OT attack landscape.

Included in the challenges associated with securing an ever-expanding OT attack surface is the role played by the increasing use of mobile devices – at both the enterprise and individual level. In fact, according to a recent report from Imprivata, only 46 percent of manufacturing organizations have the ability to maintain control over who has access to such devices and when, and 61 percent are using shared pin numbers to secure these devices. 

Additionally, an average of 16 percent of these devices are lost each year, costing organizations over $5M annually, not to mention the collateral damage from a security perspective.  This translates to an opportunity for hackers to unleash catastrophic damage by leveraging any vulnerabilities in areas like remote monitoring, and potentially new ways to worm into the networks associated with controlling your machines and systems.

Watch/listen as Joel Burleson-Davis, SVP of Cyber Engineering at Imprivata, returns to Security Breach to discuss OT mobile device security, as well as:

• The journey the industrial sector has made from devices that were never intended to be connected, to what Joel describes as OT "super connectivity".
• Why OT continues to be an easy target for hackers.
• The evolution of hacking groups.
• How we might be over-doing all the connectivity.
• The double-edged sword that is mobile use in the industrial sector.
• Avoiding 'mobile defeatism'.
• Combatting the growing number of dwelling or living-off-the-land attacks.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

It's not always about the ransom, data theft or denial of service.

Many cheered with the recent crackdowns  on groups like LockBit, and rightfully so. However, the harsh reality is that most of these victories are short-lived. For example, after law enforcement seized control of multiple LockBit websites and stolen data, the group was back to running extortion campaigns within a week.

And the same can be said for many other high-profile busts of groups like Hive and Volt Typhoon. These groups re-build or re-brand, as was the case with the Conti Group offshoot Black Basta. After Conti disbanded, Black Basta reformed from the ashes and tallied over $100 million in ransomware payments last year. 

My point is not to belittle the incredible work that global agencies are performing, but to illustrate that while the industrial sector continues to make tremendous gains - the war continues. And as we evolve and improve, so will the bad guys. 

And perhaps no one knows this better than our guest for this episode - Rod Locke. He’s the director of project management at Fortinet, a leading provider of OT cybersecurity solutions. Watch/listen as Rod shares his thoughts on:

• The growing influence of state-sponsored hacker groups.
• The rise of dwelling or live-off-the-land attacks and how some hackers are more focused on learning about their victims than harming them.
• Why OT can't always place the blame on IT, and the value in understanding both environments.
• How some regulatory efforts might have "swung too far."
• How to attract more "unique individuals" to cybersecurity.
• An anticipated rise in cloud infrastructure and the ways it will impact data security.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How we're failing to properly support and train our most important cybersecurity asset.

According to Nozomi Networks February 2024 OT-IoT Security Report, manufacturing was exposed to more common vulnerabilities and exposures, or CVEs, than any other sector - realizing a 230 percent year-over-year increase in this area. Addressing even a fraction of these CVEs would be daunting, which is why understanding your assets is so basic, but so vital in establishing priorities and implementing approaches best suited to your security needs. 

To discuss these topics, and more, we welcome Jeff Nathan, Director of Detection Engineering at Netography, a leading provider of network security solutions, to the show. Watch/listen as he discusses:

• How social engineering tactics play a key role in manipulating emotional responses that trigger certain actions.
• The phishable weaknesses of MFA, and how its workflow might not be strengthening your security posture.
• Limiting your blast radius.
• The potential of encrypting endpoint data.
• Why cybersecurity needs to take a more scientific approach to defensive tactics.
• The industry's biggest miss on AI.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Threat intelligence is important, but why manufacturers should focus on risk factors first.

When it comes to the industrial sector’s ongoing cybersecurity challenges, we all know that there's more to defend, but what is most concerning is that we’re not responding quickly enough to the expanding threat landscape. In case you needed proof, here are some of the recent stats from Dragos 2023 Year in Review Report. It found that:

• 80 percent of industrial sector vulnerabilities reside deep within the ICS network, making them difficult to see and harder to kick out.
• 53 percent of the advisories Dragos analyzed could cause both a loss of visibility and control.
• Ransomware attacks against industrial organizations increased by 50 percent last year, and Dragos tracked 28 percent more ransomware groups focused on the ICS/OT environment.
• Attacks were confirmed in 33 unique manufacturing sectors.
• 74 percent of all vulnerability advisories had no mitigation strategy.

I’m not going to promise solutions for all of these challenges, but we’ve definitely found a guy interested in trying. Scott Sarris is an Information Security, Compliance and Privacy Solutions Advisor at Aprio, a leading advisory and business consulting firm. Watch/listen as we discuss:

• Why OT could affectionately be known as "Old Tech".
• The political factors impacting IT/OT divisiveness in the industrial sector, but why Scott is optimistic about the progress being made in bringing the two segments together.
• Why cybersecurity planning and investments needs to start with assessing and prioritizing risk.
• How slowing down can help ramp up security efforts.
• Why dwelling or living-off-the-land attacks will escalate.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The sector's (forced) cyber awakening needs to focus on making it harder to be a hacker.

Regardless of how complex the attack, how organized the hacker, or how advanced the tools and tactics, security solutions usually lie in very fundamental practices. So, while you might think you already know enough about segmentation strategies, framework development, asset visibility or enhanced access controls, it’s these things that get overlooked and then exploited by hackers. 

It’s the evolution of these little things that our guest for today’s show likes to emphasize in helping to keep the OT environment secure. Watch/listen as Brian Deken, Commercial Manager of Cybersecurity Services at Rockwell Automation offers perspective on topics that include:

• How increased coverage and awareness of industrial cybersecurity has helped improve OT visibility, and incited more manufacturers to take real action.
• Why constantly evolving simple cyber strategies, like frameworks, segmentation and access hygiene are essential.
• What video gamers can teach us about finding OT security expertise.
• The status of IT-OT convergence.
• The attack from which some manufacturers will never recover.
• The positive impacts of supply chain vulnerabilities.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How thinking like a hacker can lead to better cybersecurity ROI and avoid the dreaded "hope" strategy.

Regardless of what you might hear from some, ransomware in the industrial sector is at an all-time high in terms of frequency and cost. Zero day and day one vulnerabilities are being discovered at a historic level and patching continues to be a challenge.

Asset visualization and endpoint security have become more daunting thanks to technology-driven expansions of the industrial attack surface. And then there’s AI, SBOMs and botnets all waiting to wreak havoc on the ICS.

All of these factors, along with the growing complexity of the hacker community, means that industrial cybersecurity is no longer just about white and black hats. In fact, some would argue that perhaps the most important player in the cybersecurity arena now wears red.

Joining us to discuss his approach to "red teams on steroids" is Guy Bejerano, CEO of SafeBreach, a leading provider of Breach and Attack Simulation tools and services. Listen as we discuss:

• What it means to think like a hacker, but defend like a CISO.
• Developing security with a focus on running a business.
• Connecting the dots between the technical aspects of an attack and the impact of it on the business.
• Improving cybersecurity ROI by demonstrating the value of closing "gaps."
• Focusing on known attacks, as opposed to the "ghost" vulnerabilities.
• The growth of collaboration between IT and OT.
• Why manufacturing is still susceptible to legacy attacks.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Creating an OT vision, and why hackers are "like water."

With hackers repeatedly demonstrating that that they play no favorites in terms of the sector of manufacturing, its location, or the size of the enterprise, detection and response strategies can be universally dissected in addressing ransomware, phishing or any number of social engineering approaches. 

And this data, along with the potential solutions it fuels, can be made available to the industry as a whole – not just the largest or most well-known entities. Universal problems typically generate the most response. And what I’m seeing is a much more aggressive response from big players throughout the industry – including the employer of today’s guest, Alexandre Peixoto, Cybersecurity Business Director at Emerson Automation Solutions.

Listen/watch as we discuss:

• Why recent cybersecurity developments are less about how the hackers have changed and much more about attack surface evolution.
• How, why and when to bring IT into the cybersecurity conversation.
• How OT can learn from IT in developing a vision for ongoing cybersecurity needs.
• The importance of going through the cybersecurity journey, similar to digital transformation, in order to really understand needs and priorities.
• Why OT cybersecurity often forgets about the basics.
• How "hackers are like water."
• Tackling the legacy dynamics of SBOMs.
• The future role of over-the-air (OTA) software updates, and how they could impact security priorities.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Hacker insight and vulnerability updates are great, but that's only half the battle.

An ever-expanding attack surface has created a number of complexities when it comes to combining the benefits of new automation technologies with the challenges of securing the OT environment and supply chain. This led Cybersixgill to predict that in 2024, more companies will adopt Threat Exposure Management, a holistic, proactive approach to cybersecurity where cyber threat intelligence is a foundational component.

To discuss this perspective, and more, we sat down with Gabi Reish, Global Head of Product Development at Cybersixgill , a leading provider of industrial cybersecurity solutions. Listen as we discuss:

• How data breaches have grown to average $4.7M per attack in manufacturing - which is $300K more than other industries.
• Why the biggest benefit of threat intelligence might be gaining a better understanding of how to position cyber assets.
• The latest SEC regs and how disclosing incidents makes the industry better.
• The potential impact of virtual patching.
• Why some OT specialists are being asked to "predict the weather without any forecasting tools."
• How and why ransomware attacks are getting more complicated.
• "Human nature is a problem."
• How AI is allowing hackers to "seem more human" and why that's a huge problem.
• We need more technology that works like a guardrail.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Sophos recently reported that 65 percent of manufacturing and production organizations were hit by ransomware last year, which, unlike other sectors, is an increase. Overall, these attacks have increased by 41 percent for manufacturing since 2020. Additionally, the cybersecurity firm found that 44 percent of computers used in manufacturing have been impacted by a ransomware attack, and over half of these intrusions can be directly linked to malicious emails and compromised credentials. 

These findings help illustrate what we’ve known for years – hackers would rather log in than break in. And stopping these types of attacks requires starting with your front line defenses – the workforce. 

Our guest for today’s episode will look to offer some solutions for transitioning employees from a weak link to a key cybersecurity asset. Watch/listen as Shawn Waldman, CEO and Founder of Secure Cyber, a leading provider of secure network design solutions, discusses:

• Why he would give the industrial sector a low D when grading their ability to effectively communicate security processes and protocols.
• How to address those employees that continue to click on every link in their emails.
• Why cybersecurity should be treated like a trade.
• Understanding the difference between security tools and IT services.
• Implementing accountability without being overly punitive and rewarding employees for positive cybersecurity actions.
• The concerns he has about 5G and quantum decryption.
• Avoiding the AI "easy button".

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The tech that's helping social engineers expand current exploits, including credential harvesting.

In this episode, we welcome Kory Daniels, CISO of Trustwave, a leading provider of industrial cyber risk solutions, to the show. The conversation spanned a number of topics, including:

• The double-edged sword of credential harvesting hacks.
• How data theft is providing greater visibility of an organization's supply chain and partners in helping cybercriminals accumulate more potential targets.
• The challenges of implementing and sustaining data hygiene practices.
• Using AI to to fill cybersecurity jobs.
• How new technology, like AI, is helping cybercriminals lower their operating costs.
• Understanding that you can't defend what you don't know or understand about your internal landscape.
• Embracing the benefits of IIoT, but understanding the security risks it carries.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How prioritizing the wrong data and assets is leading to more cyber risk.

When it comes to OT security, the cruel reality is that the bad guys are doing what most predators do over time – they continue to hunt and evolve. This evolution allows hackers to constantly adjust to new security protocols and more rapidly react to common vulnerabilities – often days, weeks or months before a suitable patch or solution can be put in place. 

It’s the black hat’s constant drive to enhance their attacks that led us to this episode's discussion and guest. I recently sat down with Rick Kaun, VP of Solutions at Verve Industrial Protection. Verve is a leading provider of endpoint security, vulnerability testing and network segmentation strategies.

Join us as Rick discusses:

• What 'done' looks like.
• Why nobody wants to be a CISO right now.
• The opportunities represented by former military personnel coming into cybersecurity.
• Why there's too much attention around SBOMs ... right now.
• The best ways to use AI.
• How identifying the "crown jewels" is the most important step to protecting them, and why this is consistently overlooked.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How the legacy of OT innovation contributes to cyber challenges.

Vulnerabilities across the cybersecurity landscape are obviously trending in an upward direction. Perhaps most concerning, however, is the number of zero and one-day vulnerabilities being uncovered in key industrial control systems by many of the sector’s leading providers of software, automation and system integration services.

These vulnerabilities not only open the door for potential attacks, but lend credence to other cybersecurity challenges, such as patching, proper segmentation strategies and trying to accommodate the potential downtime associated with identifying and rectifying these embedded problems. 

Constantine Antoniou, Cybersecurity Business Consultant in Schneider Electric's Global Cybersecurity Solutions and Services business, promises to offer a unique perspective on these challenges and potential solutions.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Two recent vulnerabilities, one traditional and one frighteningly unique, could reshape industrial cybersecurity.

In this episode, we’re going to dive into two recently detected vulnerabilities that could have a significant impact on the industrial sector, as they involve two companies with wide-reaching influence on manufacturers of all sizes. 

One involves the Siemens Automation License Manager, and the potential threats a vulnerability poses to industrial control system data security for its users.

The second stems from a unique source – a Bosch assembly tool. More specifically, we’re talking about a very popular nutrunner/pneumatic torque wrench that could potentially be exploited by hackers to create extortion campaigns. 

We discuss these security challenges with Andrea Palanca, a security researcher at Nozomi Networks, and Eran Jacob from OTORIO.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Elevated social engineering, more connections and growing extortion amounts will drive attack growth.

Late last year we discussed Lockbit’s ransomware attack on Boeing, and the ensuing “cyber incident” that resulted in a large quantity of the aerospace giant’s data being stolen. One of the experts we tapped into in breaking down the attack, and its fallout, was Tony Pietrocola.

In addition to serving as the president of AgileBlue, he also heads the Northern Ohio chapter of InfraGard, which works directly with the FBI on cybercrime.

You can check that Boeing episode out in our archives.

In addition to his extensive knowledge on threat actors like Lockbit, Tony also has a tremendous amount of insight on ways to improve attack surface visibility, especially as hackers are beginning to utilize next-gen tools like AI.

For more information on the work AgileBlue does, you can check them out at agileblue.com

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Coordinating patches, covering the basics and not falling for 'pinky promises.'

Late last year we discussed Lockbit’s ransomware attack on Boeing, and the ensuing “cyber incident” that resulted. One of the experts we tapped into in breaking down the attack, and its fallout, was KnowBe4’s Erich Kron.

You can check that episode out in our archives.

In addition to his extensive knowledge on threat actors like Lockbit, Erich also has a tremendous amount of insight on a number of cybersecurity challenges that continue to plaque the industrial sector, including the human elements. His knowledge seems especially timely given that one of the most significant vulnerabilities uncovered in the last month stems from a hacktivist group using unchanged default passwords to access PLCs in water treatment facilities and manufacturing plants.

Just like Colonial Pipeline and numerous other attacks, this global vulnerability started with the actions, or inactions, of a human being. This episode offers some additional insight from Erich Kron at KnowBe4.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

A former black hat offers insight on defending against hackers that "go for the throat every time."

One of the mindsets shared by hackers and their corporate victims is the desire to put a successful bow on the calendar year. For you this could mean hitting a collection of shipping dates, production quantities or equipment implementations. What many are beginning to realize is that the black hat community has a number of year-end targets to hit as well.

The focus on closing out orders, dealing with holiday-related slowdowns and potentially fewer employees on the plant floor often leave doors open to hackers. It’s no surprise that these dynamics often result in the last quarter of the year producing large spikes in ransomware, DDoS and credential harvesting attacks.

Our guest, Matthew Wolfe, Director of Cybersecurity Operations at Impero, offers insight on these attacks and how some of his previous experiences have given him a unique take on the bad guy's tactics.

We’re also excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Accidental advancements by state-sponsored hackers are impacting ICS security, and elevating network visibility needs.

Amongst the traditional threats to manufacturing enterprises and industrial control systems are the escalating roles of state-sponsored hacker groups. Refined through recent hostilities in the Ukraine and Gaza Strip, more and more cyber attacks against critical infrastructure around the world has cybersecurity experts looking beyond independent RaaS groups and malware drops.

What makes these organizations so concerning is that they are more focused on stealing data and manipulating operations than extorting funds. This means the challenges associated with dwell time and asset visibility now take on even greater prominence.

That’s why we’ve invited Paul Ernst to the show. Paul will call upon his military experience, as well as his current role, to help us better understand these nation-state threats and vital ICS vulnerabilities.

We’re also excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

MITRE’s ATT&CK knowledgebase, and the intrusion patterns, hacker tactics and response data it provides.

While there are a number of indicators showing the positive direction in which industrial cybersecurity is heading, it's still worth taking a look at some of the more alarming facts impacting our current situation. For example, Fortinet is reporting that:

• Three-fourths of industrial enterprises reported at least one OT intrusion in the last year.
• Nearly one-third of all ransomware attacks continue to target the industrial sector, with a nearly 10 percent uptick in attacks going undetected until the extortion or blackmail note arrives.
• Intrusions from malware and phishing attacks have increased by one-third.

But there is good news. Fortinet reports that 98 percent of organizations now include its OT cybersecurity posture in briefings with executive leadership. We also know more about the bad guys today, then we ever have before, with some of this progress attributed to the work being done by today’s guests - Adam Pennington and Jake Steele from MITRE’s ATT&CK knowledge database.

We’re excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Balancing resources to keep the bad guys out, improve real-time visibility, and develop quicker responses to new attacks.

In what might be legendary singer Johnny Cash's most famous song, he speaks of keeping his eyes wide open all the time, and those tasked with OT security responsibilities are finding that they too need to walk the line. 

In the cybersecurity world this means balancing between the priorities of different operational environments, selecting tools and technologies that best match these priorities, and then understanding how all these investments can be intertwined to carry out your strategy. Unfortunately, this makes it bit more difficult to stay true to original plans. 

Navigating that line also entails an understanding that keeping the bad guys out is not the sole function of cyber defense, because the evolution of threats and an expanding OT attack surface has created an incredibly complex environment – a fact that is as obvious as night is dark and day is light. 

So, to keep us walking that line in understanding how to adapt our tools and strategies, we welcome Stephen Tutterow, a team lead at Pentera, to the show. Pentera is a leading provider of automated security validation solutions.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

I recently watched an interesting documentary called Turning Point: The Bomb and the Cold War on Netflix. Great watch – I’d highly recommend it. Essentially it positioned nearly every prominent geo-political event since World War II as fallout from the U.S. dropping the nuclear bomb on Japan to end World War II.

Similarly, we can look at a number of recent, major cybersecurity events that have their origins in attacks on critical infrastructure. Whether you want to go all the way back to Stuxnet, or more recent developments like Colonial Pipeline, hackers realized that the control systems utilized in these environments mirror those used by manufacturers like Boeing, Clorox, Johnson Controls and many others who have been recent victims of high-profile hacks.

Joining me to discuss these dynamics is Bill Moore, the founder and CEO of XONA Systems, a leading provider of secure access solutions. Watch/listen as he dives into:

• The challenges of updating and securing the legacy tech found throughout manufacturing and critical infrastructure.
• Getting past the 'set it and forget it' mindset of industrial cybersecurity.
• Strategies for implementing updates and patches without slowing operations or opening new doors to hackers.
• Ways to improve funding processes to ensure security needs are met and keep pace with an evolving threat landscape.
• How the more distributed dynamic of OT technology needs to be understood in developing new strategies and implementing new tools.
• Lessons learned from Colonial Pipeline.
• Ways to optimize regulatory efforts.
• Why every industrial organization needs a dedicated Director of OT Security.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Industry experts assess the ransomware attack, the attacker, and critical takeaways for manufacturers of all sizes.

Recently, one of the most high-profile manufacturers in the world – Boeing – suffered what they’re describing as a “cyber incident”, which resulted in a large, but unknown quantity of data being stolen and held for ransom by the notorious Russian RaaS group, Lockbit.

Lockbit, which is highly recognized as one of the most prolific threat actors targeting the industrial sector, obtained what is currently assessed as Citrix cloud files, security controls, email backups and corporate emails. The leak is potentially tied to a parts distribution company, Aviall, that Boeing purchased in 2006.

What remains to be seen, despite Boeing’s claims, is just how damage this leak could cause, what the ramifications might be moving forward, how Boeing might respond and what the industrial sector can learn from this incident.

We’ve assembled two leading industry experts to break down the attack - KnowBe4’s Erich Kron and Tony Pietrocola, president of AgileBlue and the Northern Ohio chapter of InfraGard.

We’re also excited to announce that this episode is being sponsored by Palo Alto Networks. Protect your OT assets, networks and remote operations with Zero Trust OT Security from Palo Alto Networks. It’s powered by AI and machine learning while offering comprehensive visibility, zero trust security for all OT environments, and simplified operations. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcast

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Staying ahead of hackers as they look to infiltrate every new connection point.

The balancing act continues when it comes to industrial cybersecurity, with the focus of many organizations split between focusing on known internal weaknesses or harnessing a better understanding of the external black hat organizations wanting to shut them down, steal data or extort payments.

One stat that helps demonstrate this dynamic comes from the IBM Security X Force Threat Intelligence Index, which shows a 94 percent reduction in the average time for the deployment of ransomware attacks. What took attackers over two months in 2019, now takes less than four days. Another example comes from Open Text’s 2023 Cybersecurity Threat Report that took a closer look at the notorious LockBit group. Not only have they dropped more malware than any other in the last year, but they’ve begun to implement triple-extortion tactics.

Joining us to discuss these and other topics related to threat intelligence and how to prioritize it, is Jonathan Tomek, VP of Research and Development at Digital Element, and co-founder of THOTCON, a hacking and security conference hosted in Chicago each spring.

We’re excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. 

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

There are two common elements of a hacker’s strategy that show up regardless of whether it’s a ransomware attack on a local healthcare system or a malware drop on a global automotive manufacturer. 

The first is speed. Once an exploit is detected by the bad guys, they will work as quickly as possible to take advantage of it, hopefully beating the deployment of any patches. 

The second element is manipulation. Most commonly, hackers take advantage of well-established systems that have unextraordinary access points, legacy connections or human management dynamics that are easily manipulated by altering software code, stealing login data or introducing malware. 

Based on these fundamental dynamics, it would seem that hackers could benefit greatly from a tool that reduces a human being’s grunt work and utilizes algorithms and automation to produce the text for a phishing email, to re-write software code, or to develop data mining protocols to obtain logins and personal information.

That tool is obviously artificial intelligence, and the hackers are all too familiar on how to use AI platforms for their nefarious purposes.

Fortunately, the good guys have also become well-schooled in the art of AI, and one example is Gary Southwell, the VP and General Manager at ARIA Cybersecurity. He joins us to share some AI tricks that can slow down and defeat threat actors.

We’re excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts   Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.